Christey BID:124 Consider MSKB: Q154174 BUGTRAQ:19971113 Linux IP fragment overlap bug Description: Land IP denial of service. Teardrop_Land Reference: FREEBSD: Free BSD-SA- Reference: HP: HPSBUX9801-076 Reference: URL: Display.do?doc Id=HPSBUX9801-076 Reference: CISCO: Reference: XF:cisco-land Reference: XF:land Reference: XF:95-verv-tcp Reference: XF:land-patch Reference: XF:ver-tcpip-sys Description: FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. FTP_bounce Reference: XF:ftp-bounce Reference: XF:ftp-privileged-port Description: Buffer overflow in statd allows root privileges.doc Id=HPSBUX9808-083 Reference: SUN:00180 Reference: URL: doctype=coll&doc=secbull/180 Reference: XF:bind-axfr-dos Description: Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. Status: Entry Reference: CERT: CA-98.03.ssh-agent Reference: NAI: NAI-24 Reference: XF:ssh-agent Description: Unauthorized privileged access or denial of service via dtappgather program in CDE.

updating netopia dsl modem-15

Updating netopia dsl modem video

Status: Entry Reference: CERT: CA-98.09.imapd Reference: SUN:00177 Reference: URL:

doctype=coll&doc=secbull/177 Reference: BID:130 Reference: URL: Reference: XF:imap-authenticate-bo Description: Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.

doctype=coll&doc=secbull/170 Reference: ISS: June10,1998 Reference: XF:nisd-bo-check Description: Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases.

Status: Entry Reference: SGI:19980603-01-PX Reference: URL:ftp://com/support/free/security/advisories/19980603-01-PX Reference: HP: HPSBUX9808-083 Reference: URL: Display.do?

doc Id=HPSBUX9808-083 Reference: XF:bind-dos Description: Denial of Service vulnerabilities in BIND 4.9 and BIND 8 Releases via CNAME record and zone transfer.

Status: Entry Reference: CERT: CA-98.05.bind_problems Reference: SGI:19980603-01-PX Reference: URL:ftp://com/support/free/security/advisories/19980603-01-PX Reference: HP: HPSBUX9808-083 Reference: URL: Display.do? Web Servers Reference: XF:nt-web8.3 Description: Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Therefore, these candidates may be modified or even rejected in the future.doc Id=HPSBUX9808-083 Reference: SUN:00180 Reference: URL: doctype=coll&doc=secbull/180 Reference: CERT: CA-98.05.bind_problems Reference: XF:bind-bo Reference: BID:134 Reference: URL: Description: Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.Status: Entry Reference: CERT: CA-98.05.bind_problems Reference: SGI:19980603-01-PX Reference: URL:ftp://com/support/free/security/advisories/19980603-01-PX Reference: HP: HPSBUX9808-083 Reference: URL: Display.do?Status: Candidate Phase: Modified (20051217) Reference: CERT: CA-98-13-tcp-denial-of-service Reference: BUGTRAQ:19981223 Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service Reference: CONFIRM: Reference: OSVDB:5707 Reference: URL: Votes: A Bugtraq posting indicates that the bug has to do with "short packets with certain options set," so the description should be modified accordingly. That one is related to nestea (CVE-1999-0257) and probably the one described in BUGTRAQ:19981023 nestea v2 against freebsd 3.0-Release The patch for nestea is in ip_input.c around line 750.